[Freeipa-devel] [PATCH] 068 Connection check program for replica installation
Rob Crittenden
rcritten at redhat.com
Sat May 28 04:10:00 UTC 2011
Martin Kosek wrote:
> On Mon, 2011-05-23 at 16:41 -0400, Rob Crittenden wrote:
>> Martin Kosek wrote:
>>> This is a first version of connection checking program for replica
>>> installation. See patch for program purpose description. Currently,
>>> there is no man pages for the program.
>>>
>>> Note to Simo and Rob: I use password for logging as admin. Btw would it
>>> be safe to have an admin keytab in the replica file? Replica file
>>> contents are lying freely in /tmp after the replica installation.
>>>
>>> Martin
>>
>> nack, you aren't including the new binary in the spec.
>
> Oh, thanks for this one.
>
>>
>> You should also:
>>
>> - set KRB5CCNAME to a temporary ccache and remove that when the install
>> exists (successful or not)
>
> Done.
>
>> - remove the temporary krb5.conf you create
>
> Done.
>
>> - be a bit more explicit what we are doing, at least more than "Run
>> connection check to master".
>
> Actually, I am if you run the new script separately. I removed "--quiet"
> parameter passed to the script in ipa-replica-install so that it is more
> verbose. Plus, I improved texts sent to the user.
>
>> - yes, we should remove the replica file contents
>
> I enhanced ipa-replica-install to do that.
>
> Martin
>
Works great until the very end:
...
...
Execute check on remote master
Check connection from master to remote replica 'slinky.greyoak.com':
Directory Service: unsecure port (389): FAILED
Directory Service: secure port (636): FAILED
Kerberos (88): OK
Remote master check failed with following error message(s):
Could not chdir to home directory /home/admin: No such file or directory
Port check failed! Unaccessible port(s): 389, 636
Connection check failed with following error: None
rob
More information about the Freeipa-devel
mailing list